Analysis
max time kernel: 28s
max time network: 133s
platform: android_x64
resource: android-x64-20240624-en
resource tags: android, arch:x64, arch:x86, image:android-x64-20240624-en, locale:en-us, os:android-10-x64, system
submitted: 07-11-2024 19:47
Static task: static1
Behavioral task: behavioral1
- Sample: ac7458e2fa4fde4a6c8c3adc06a5f4b5.apk
- Resource: android-x86-arm-20240624-en
Behavioral task: behavioral2
- Sample: ac7458e2fa4fde4a6c8c3adc06a5f4b5.apk
- Resource: android-x64-20240624-en
Behavioral task: behavioral3
- Sample: ac7458e2fa4fde4a6c8c3adc06a5f4b5.apk
- Resource: android-x64-arm64-20240624-en
General
Target: ac7458e2fa4fde4a6c8c3adc06a5f4b5.apk
Size: 2.5MB
MD5: ac7458e2fa4fde4a6c8c3adc06a5f4b5
SHA1: bd30371b52fbc067bc29017c9effe30bfbd5aa89
SHA256: 03ead8a86c4bfc846c7472972dceb853bd06bbb4c65f967a7b712e022dbad6a6
SHA512: dcfb2141ea62d75b02cd3060ce39c5190d22fda717e7c0740376655b7ad41861e3131167d83d7ad817e9f1419e653cdf140af0cc9d3c55f21c189f818e20cf25
SSDEEP: 49152:FxOZOK5Q+q+XQvqqztSxliDImn66oiGDXpNpd2ZrB8HEj2Qo:oP5bbq4mn6hPBd2ZrBcEj1o
Malware Config
Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
Processes: COM.TUUURAHIDDENS
- description: Framework service call
- ioc: android.content.IClipboard.addPrimaryClipChangedListener
- Process: COM.TUUURAHIDDENS

Queries the phone number (MSISDN for GSM devices) 1 TTPs

Reads the content of SMS inbox messages. 1 TTPs 1 IoCs
Processes: COM.TUUURAHIDDENS
- description: URI accessed for read
- ioc: content://sms/inbox
- Process: COM.TUUURAHIDDENS

Acquires the wake lock 1 IoCs
Processes: COM.TUUURAHIDDENS
- description: Framework service call
- ioc: android.os.IPowerManager.acquireWakeLock
- Process: COM.TUUURAHIDDENS

Queries information about active data network 1 TTPs 1 IoCs
Processes: COM.TUUURAHIDDENS
- description: Framework service call
- ioc: android.net.IConnectivityManager.getActiveNetworkInfo
- Process: COM.TUUURAHIDDENS

Queries the mobile country code (MCC) 1 TTPs 1 IoCs
Processes: COM.TUUURAHIDDENS
- description: Framework service call
- ioc: com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone
- Process: COM.TUUURAHIDDENS

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
Processes: COM.TUUURAHIDDENS
- description: Framework service call
- ioc: android.app.IActivityManager.registerReceiver
- Process: COM.TUUURAHIDDENS

Checks CPU information 2 TTPs 1 IoCs
Processes: COM.TUUURAHIDDENS
- description: File opened for read
- ioc: /proc/cpuinfo
- Process: COM.TUUURAHIDDENS

Checks memory information 2 TTPs 1 IoCs
Processes: COM.TUUURAHIDDENS
- description: File opened for read
- ioc: /proc/meminfo
- Process: COM.TUUURAHIDDENS

Processes
COM.TUUURAHIDDENS (PID: 5040)
- Obtains sensitive information copied to the device clipboard
- Reads the content of SMS inbox messages.
- Acquires the wake lock
- Queries information about active data network
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks CPU information
- Checks memory information
Network
MITRE ATT&CK Mobile v15
Downloads